Mobile Menace Monday: Chrome declares war on unwanted redirects
Credit to Author: Gleb Malygin| Date: Mon, 27 Nov 2017 16:30:33 +0000
As it was introduced earlier this year, Google is initiating their plan to implement a few new changes in Chrome to defend against unwanted web redirects. A redirect happens when a different website from the URL that was entered opens in the browser. Sometimes redirects are intentional, as in when an organization/website is bought out by another entity and their traffic is redirected to the new owner. However, sometimes redirects are malicious and unwanted.
An unwanted redirect happens when a webpage unintentionally opens in the browser due to maliciously embedded JavaScript code. These unintended redirects often come from third-party content, and they are conducted unbeknownst to the webpage’s author. The most common method of a malicious redirect is the following: After clicking a link, the desired webpage is opened in a new tab, but then an additional redirected (unwanted) webpage is opened in the main window.
Google will be rolling out updates with three new solutions to block unwanted redirects. These updates will be in addition to features that already exist, such as Chrome’s pop-up blocker and autoplay protections.
Google’s new anti-redirect features
Google’s first step in dealing with redirects is with a new way of handling iframes in Chrome 64. All redirects originating from third-party iframes will show an infobar instead of redirecting, unless the user is interacting with that frame. If the user ignores the infobar and interacts with the content, it will lead to a case where it will still redirect.
Another new feature, implemented in Chrome 65, will detect the common behavior of redirecting the main window, described above. Once again, the infobar will trigger and prevent the main window from redirecting. This will keep the user on the page they intended, and prevent receiving annoying or intrusive advertisements, such as videos that autoplay with sound or interstitials ads that take up the entire screen.
Some other Google Chrome protection features
In addition to preventing redirects, Google will also protect against several other types of abusive experiences, such as links that send users to unexpected destinations, including links to third-party websites deceptively veiled. Historically, these have been hard to automatically detect. The links can hide as fake Google Play buttons, fake site controls, or transparent overlays on websites. These malicious links capture all clicks and open new tabs or windows.
Google announced that in early January, Chrome’s pop-up blocker will also get an update. It will start preventing sites with these types of abusive experiences from opening new windows or tabs. Basically, it will serve much the same function as Google Safe Browsing does, protecting users from malicious content and making sure that ad offenders don’t frustrate or take advantage of users.
Google is helping site owners prepare for these changes with a new Abusive Experiences Report. Site owners can use the report feature to check if any of these abusive experiences have been found on their site and make proper changes accordingly. Otherwise, they have 30 days before Chrome will begin blocking the site from opening new tabs and windows.
In Google we (are forced to) trust
We all know that where there are benefits, there are also consequences. How Google handles its bigger ad-blocking initiative will be something to watch closely. There are of course drawbacks to building an ad blocker into Chrome, the most egregious being the amount of power it gives Google. Chrome ad blocker doesn’t just help publishers, it also helps Google maintain its dominance.
Eventually, it means Google gets to decide what qualifies as an acceptable ad (even though it’s basing this on standards set by the Coalition for Better Ads). That’s a good thing if you trust Google, but let’s keep in mind that Google is an ad company. Nearly 89 percent of its revenue comes from displaying ads. Just some food for thought.
Solutions for mobile
Malicious redirects are becoming common place on mobile devices. Most mobile browsers, like Chrome, don’t do a great job of preventing these redirects, which also cause ad pop-ups. Advertising affiliates are aware of this and exploit this weakness. Even when an advertising affiliate is shut down for using redirect exploits, it doesn’t stay shut down. All they need to do is get a different affiliate ID, and they are right back in business.
We are crossing our fingers that the new features in Chrome will finally stop redirects. If not, though, we can offer a couple of other solutions to help. These other solutions are to disable JavaScript, install a browser with ad blocking (like Opera), and/or install Ad-block Plus. If all else fails, and you are still encountering pop-ups, you back out of them using Android’s back key. Also, clearing your history and cache will help stop the ads from reoccurring.
Detecting phishing URLs
Malwarebytes for Android also contributes in the fight against frustrating unwanted websites with a couple of features. First, we automatically detect if phishing URLs are in an any incoming text message (SMS). Next, we detect phishing URLs in any text provided by the user. You can do this by simply selecting any text you’d like to scan in your mobile device. After selecting, just share the selected text with Malwarebytes for Android and we’ll alert you of phishing URLs.
Lastly, we have a great feature that aids in a safer browsing experience. It scans for phishing URLs in Chrome and alerts you when any are detected. Disclaimer: we can only alert, not block. We do this by using the accessibility service built into the Android OS. Thus, when you see Malwarebytes for Android asking for accessibility service permissions, it’s strictly for our phishing URL scanner. As always, we dedicate ourselves to keeping you safe, even from unwanted links.
The post Mobile Menace Monday: Chrome declares war on unwanted redirects appeared first on Malwarebytes Labs.